URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Submission: On January 20 via api from TR — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 44.197.9.3, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is ermetic.com.
TLS certificate: Issued by R3 on November 21st 2022. Valid for: 3 months.
This is the only time ermetic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests per IP address (IP, AS / Autonomous System):
  8   44.197.9.3        AS14618 (AMAZON-AES)
  4   2a00:1450:400...  AS15169 (GOOGLE)
  12 requests, 3 IPs

Requests per apex domain (apex domain, subdomains, transfer):
  8   ermetic.com   ermetic.com         724 KB
  4   gstatic.com   fonts.gstatic.com   32 KB
  12 requests, 2 apex domains

Requests per domain (domain, requested by):
  8   ermetic.com         ermetic.com
  4   fonts.gstatic.com   ermetic.com
  12 requests, 2 domains

TLS certificates (subject, issuer, validity, valid for):
  ermetic.com     R3           2022-11-21 - 2023-02-19   3 months   (crt.sh)
  *.gstatic.com   GTS CA 1C3   2023-01-02 - 2023-03-27   3 months   (crt.sh)

This page contains 1 frames:

Primary Page: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Frame ID: AB4A2FD0189D61C332DF45EAB0191D4D
Requests: 39 HTTP requests in this frame

Page Title

EmojiDeploy: Smile! Your Azure web service just got RCE’d ._. - Ermetic

Detected technologies

WordPress (overall confidence: 100%)
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (overall confidence: 100%)
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Google Tag Manager (overall confidence: 100%)
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->

Page Statistics

  12      Requests
  100 %   HTTPS
  50 %    IPv6
  2       Domains
  2       Subdomains
  3       IPs
  2       Countries
  755 kB  Transfer
  959 kB  Size
  0       Cookies

12 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer (transferred bytes), Type, MIME-Type
Primary Request /
ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
241 KB
46 KB
Document
General
Full URL
https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-9-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
12edc3538024d87909529b1ab198bb9835682113d9363584008dbf065cc50f22

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=0
content-encoding
gzip
content-length
46536
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 03:28:35 GMT
expires
Fri, 20 Jan 2023 03:28:35 GMT
last-modified
Fri, 20 Jan 2023 01:33:26 GMT
server
nginx
vary
X-Forwarded-Proto,Accept-Encoding,User-Agent
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ermetic.com/
Origin
https://ermetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:25:00 GMT
x-content-type-options
nosniff
age
115415
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:25:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ermetic.com/
Origin
https://ermetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:25:01 GMT
x-content-type-options
nosniff
age
115414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:25:01 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ermetic.com/
Origin
https://ermetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 07:58:38 GMT
x-content-type-options
nosniff
age
156597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 07:58:38 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ermetic.com/
Origin
https://ermetic.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:24:52 GMT
x-content-type-options
nosniff
age
115423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jan 2024 19:24:52 GMT
carret-down-dark.svg
ermetic.com/wp-content/themes/ermetic/img/
412 B
435 B
Image
General
Full URL
https://ermetic.com/wp-content/themes/ermetic/img/carret-down-dark.svg
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-9-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
363cc6875be9270d6209829464da01901085404695d0a1dcd0ffdaa3e0d4151d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:28:36 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 12:25:22 GMT
server
nginx
etag
W/"62b30a32-19c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
bg-bootom.png
ermetic.com/wp-content/themes/ermetic/img/
479 KB
479 KB
Image
General
Full URL
https://ermetic.com/wp-content/themes/ermetic/img/bg-bootom.png
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-9-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
acb343a3de7fa4a9f6c6c7cc8bb1403bf1e58e81c6f67ad528e955c66960847f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:28:36 GMT
last-modified
Wed, 22 Jun 2022 12:25:22 GMT
server
nginx
etag
"62b30a32-77a0e"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
489998
wp-embed.min.js
ermetic.com/wp-includes/js/
1 KB
935 B
Script
General
Full URL
https://ermetic.com/wp-includes/js/wp-embed.min.js?ver=5.8.4
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-9-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:28:36 GMT
content-encoding
gzip
last-modified
Fri, 12 Mar 2021 11:32:15 GMT
server
nginx
etag
W/"604b513f-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
lazyload.min.js
ermetic.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/
8 KB
3 KB
Script
General
Full URL
https://ermetic.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-9-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:28:36 GMT
content-encoding
gzip
last-modified
Thu, 20 Oct 2022 07:31:28 GMT
server
nginx
etag
W/"6350f950-2063"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
Group-4480.svg
ermetic.com/wp-content/uploads/2021/07/
6 KB
3 KB
Image
General
Full URL
https://ermetic.com/wp-content/uploads/2021/07/Group-4480.svg
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-9-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7a4c7be01cbedf221414b7041191d755c6a958e4b8b771bbcc3ddca7feca0e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:28:36 GMT
content-encoding
gzip
last-modified
Wed, 22 Jun 2022 12:25:22 GMT
server
nginx
etag
W/"62b30a32-1837"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31536000
ermetic2.png
ermetic.com/wp-content/uploads/2021/09/
2 KB
2 KB
Image
General
Full URL
https://ermetic.com/wp-content/uploads/2021/09/ermetic2.png
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-9-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c2d0ce5a402cf86ae966a7d32424e7cbf19feef576d10bd2c4f66e48d21bf2af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:28:36 GMT
last-modified
Wed, 22 Jun 2022 12:25:25 GMT
server
nginx
etag
"62b30a35-888"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2184
EmojiDeploy-in-Azure-Facebook_1200x630.png
ermetic.com/wp-content/uploads/2023/01/
189 KB
189 KB
Image
General
Full URL
https://ermetic.com/wp-content/uploads/2023/01/EmojiDeploy-in-Azure-Facebook_1200x630.png
Requested by
Host: ermetic.com
URL: https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
44.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-197-9-3.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5e184fab32621126e6f337b3f4cf8a8282957572f811e32abdce24e039a52483

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ermetic.com/blog/azure/emojideploy-smile-your-azure-web-service-just-got-rced/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:28:36 GMT
last-modified
Tue, 17 Jan 2023 13:08:53 GMT
server
nginx
etag
"63c69de5-2f414"
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
193556

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object     0
  • object     oncontentvisibilityautostatechange
  • undefined  href
  • object     wpcf7
  • object     lazyLoadOptions
  • function   lazyLoadThumb
  • function   lazyLoadYoutubeIframe
  • object     wp
  • function   LazyLoad

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ermetic.com
fonts.gstatic.com
2a00:1450:4001:813::2003
44.197.9.3